by rektomatic 2 hours ago
I really want to know what would've happened with an npm install, I guess something boring like crypto mining or identity theft?
3 comments

AFAIK, most malware like this first sends the contents of your environment variables, ssh keys, passwords, etc. to the server, and then sets up a persistent process that executes arbitrary commands received from the attacker's server at any time, allowing them to run whatever else they want.
You can actually test it yourself. The actual URL is in the post and the website is still up.
Arbitrary remote code execution, maybe sold to the highest bidder like some shady cloud provider?